The Tangled Web: A Guide to Securing Modern Web Applications
| Author | : | |
| Rating | : | 4.37 (818 Votes) |
| Asin | : | 1593273886 |
| Format Type | : | paperback |
| Number of Pages | : | 320 Pages |
| Publish Date | : | 2014-01-25 |
| Language | : | English |
DESCRIPTION:
He is credited with discovering hundreds of notable security vulnerabilities and frequently appears on lists of the most influential security experts. About the AuthorMichal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.
Michal Zalewski is an internationally recognized information security expert with a long track record of delivering cutting-edge research. He is the author of Silence on the Wire (No Starch Press), Google's "Browser Security Handbook," and numerous important research papers.. He is credited with discovering hundreds of notable security vulnerabilit
You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitizationUse modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource SharingLeverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugsBuild mashups and embed gadgets without getting stung by the tricky frame navigation policyEmbed or host user-supplied content without running into the trap of content sniffingFor quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web
Incredibly good and highly technical book on browser security coding Ben Rothke In the classic poem Inferno, Dante passes through the gates of Hell, which has the inscription abandon all hope, ye who enter here above the entrance. After reading The Tangled Web: A Guide to Securing Modern Web Applications, one gets the feeling the writing secure web code is akin to Dante's experience.In this incredibly good and highly technical book, author Michal Zalewski writes that . "Decent bookfor readers with previous knowledge" according to Rebecca Ames. In general, I thought this book was good. It covers a lot of material, and has nice "cheat sheets" at the end of each chapter.The reason I give the book Decent bookfor readers with previous knowledge In general, I thought this book was good. It covers a lot of material, and has nice "cheat sheets" at the end of each chapter.The reason I give the book 3 stars, however, is that the author is suffering from the curs of knowledge (or perhaps I am suffering from the curse of ignorance). While he gives some background information on how browsers work, html works, etc in the first part of the. stars, however, is that the author is suffering from the curs of knowledge (or perhaps I am suffering from the curse of ignorance). While he gives some background information on how browsers work, html works, etc in the first part of the. K. H. said On the evolution of the modern web browser design and notable security implications.. Mr. Zalewski's new book is impressive and should be read by anyone working in the web space that cares about security -- whether an attacker or defender. It definitively captures the current state and how we arrived at this juncture due to the many historical browser wars. His current employer and producer of the most secure browser -- Google Chrome -- is about to capture a On the evolution of the modern web browser design and notable security implications. K. H. Mr. Zalewski's new book is impressive and should be read by anyone working in the web space that cares about security -- whether an attacker or defender. It definitively captures the current state and how we arrived at this juncture due to the many historical browser wars. His current employer and producer of the most secure browser -- Google Chrome -- is about to capture a 40% share [1] o. 0% share [1] o